[
https://issues.apache.org/jira/browse/HADOOP-12893?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15229643#comment-15229643
]
Colin Patrick McCabe commented on HADOOP-12893:
-----------------------------------------------
Hmm. Looking at http://www.apache.org/dev/licensing-howto.html again, it seems
that maybe we do need to have a separate LICENSE and NOTICE for our binary
tarballs, since they have additional bundled contents:
{code}
> BINARY DISTRIBUTIONS
> What applies to canonical source distributions also applies to all
> redistributions, including binary redistributions:
>
> Any redistribution must obey the licensing requirements of the contents.
>
> The best way to do that will likely depend on the binary packaging form.
>
> When assembling binary distributions, it is common to pull in and bundle
> additional dependencies which are not bundled with the source
> distribution. These additional dependencies must be accounted for in
> LICENSE and NOTICE.
{code}
I know a few projects that just do source-only releases. It avoids this sort
of issue, and also the issues of missing native library support giving a poor
end-user experience. I've always wondered why Hadoop didn't go that route.
I wonder if someone more knowledgeable about licensing can comment on whether
or binary tarball does indeed mean we need to make major changes to NOTICE and
LICENSE? Those files will be extremely long if we put in all transitive
dependencies...
> Verify LICENSE.txt and NOTICE.txt
> ---------------------------------
>
> Key: HADOOP-12893
> URL: https://issues.apache.org/jira/browse/HADOOP-12893
> Project: Hadoop Common
> Issue Type: Bug
> Affects Versions: 2.8.0, 3.0.0, 2.7.3, 2.6.5
> Reporter: Allen Wittenauer
> Priority: Blocker
>
> We have many bundled dependencies in both the source and the binary artifacts
> that are not in LICENSE.txt and NOTICE.txt.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
